1. There sure are a lot of crypto apps. I'm not vehemently anti-crypto, but it is missing some "obvious" applications and full of those, so I'm curious what the play was there. They're all spread all over the place instead of in a single category too. There are non-crypto finance apps that are self-hosted (Actual, BudgE, etc.), please don't mix them.
2. Plex and/or Jellyfin stand out as huge misses right out of the gate.
3. I am surprised that it doesn't use nginx proxy manager with preset configs to make this all available from a single domain. Needs letsencrypt + a DDNS provider too while you're at it.
4. Why no blog/cms?
5. Can I give it the docker-compose config for an application not on the app store somewhere in GUI?
6. Wait, why is this accessible from Tor? And I can't turn it off? Nope nope nope.
1. Re crypto apps, I figured some additional context may help. Before today's release, Umbrel was a self-hosting OS primarily geared towards Bitcoin node users. Today, we migrated the Bitcoin node to the Umbrel App Store and took the last step in our transition to becoming an app-agnostic general purpose OS. So expect to see a lot more non-Bitcoin apps hereon!
2. Yes, agree. We'll have Plex and Jellyfin live in the app store soon.
3. The main issue we found with using a single domain on the local network is that many Android phones and PCs have flaky mDNS support, in which case name resolution for "*.local" would simply fail. This is why we decided to use ports. Perhaps we can look into using ports on the local network and domain on a VPS.
4. Good suggestion! Feel free to share your recommendations.
5. That's not possible using the UI, but you can create your own custom docker-compose app by following our app framework documentation: https://github.com/getumbrel/umbrel-apps/blob/master/README....
6. Until now, a common use case of our users has been remote connection between Umbrel and their Bitcoin wallets over Tor. This is why remote access was baked directly into Umbrel and turned on by default.
However, as we've now evolved from the Bitcoin space, we'll prioritize offering the ability to disable remote Tor access functionality in the next update, and make it opt-in instead of opt-out.
Caddy has state-of-the-art certificate automation and TLS support, and with that module, it automatically updates DNS records if users have non-static IPs. It'll also serve certs for localhost domains (use *.localhost IMO).
[0]: https://caddyserver.com (I'm the author, for disclosure)
1. Makes sense, looking forward to progress there.
2. Excellent. I’d consider one of the Wireguard VPN servers be prioritized as well.
3. I wouldn’t use mDNS for it, I would either require and integrate the PiHole configuration or come with a DNS server as well (leaning towards PiHole here). I’d suggest long-term planning on integrating DNS/DDNS and LetsEncrypt. I use a combo of a DDNS container for CloudFlare and a wildcard DNS generated by nginx proxy manager.
4. I’d go for one “simple” CMS, like Ghost, and one fully featured, like WordPress.
5. Will check it out.
6. Appreciate it being an option, I’ve signed up for the mailing list to get a notification when it is available so I can make another run at it.
Great work and I appreciate the engagement.
It would be nice to have first class support for deploying stuff this way - not just for testing. I would like to deploy custom containers / compositions on my Umbrel and see them alongside stuff installed from the official repository. Ok to require an external git repo as upstream for this, but better to work entirely local.
Hello, do you have plans to interop with an established selfhosting distro and package scheme? Yunohost, Freedombox and Libreserver come to mind. If you'd rather go the containerized/virtualized way, there's a dozen or so distros based on Docker/LXC/K8S to make selfhosting easier.
I'm always happy that people are building stuff for selfhosting (though like others I'm skeptical of anything cryptocurrency-related), so please don't take it as a dismissal of your work, but I don't understand the appeal of building yet another solution and package format that's not interoperable with the others who have been out there for 5/10 years and provide good services to plenty of users already.
To be fair, apart from Dockerfiles there's not exactly any decent specification for declarative sysadmin (network ports, filesystem access..). The selfhosting field could certainly use a specification for selfhosted packages across distros, because the current situation places a strong burden on volunteer maintainers to keep up with updates.
Encouraging usage of privacy enabling services by default is good.
From what I can tell (and I might be dumb) you can’t really run a Docker image on Unraid unless you:
1) write an XML file using an undocumented schema
2) build and upload your image to Docker hub
3) get your container listed in community apps
Now I’m SURE it’s not actually that dumb. But I couldn’t figure it out before I got distracted, and thus I haven’t done it. All the “documentation” is exclusively forum threads. What little formal documentation exists is obsolete. It really feels like it’s set up for a core community of developers rather than the users.
Coming from that experience, I was impressed with a couple things about Umbrel as I read through OP:
(1) they have clear documentation on how to publish something to their App Store
(2) they have a documented YAML that handles most of the configuration
(3) they take an active role in curating the App Store. They claim to help you put together a nice listing.
(4) they have some actual tools to test your package
(5) the App Store has a concept of cross-app dependencies. They give the example of a blockchain explorer that needs a bitcoin node running. Very cool! I want to use this functionality to have one RDBMS, one git host, one logging service, etc all shared by the various apps I deploy.
When I looked into it, a Bitcoin node took over 300GB of space on your computer. I'd imagine that is over 600 GB now. Is anyone running full nodes on a raspberry pi?
Would it be possible to run Mastodon on this? With it being behind a domestic firewall, would that make it harder for other Mastodon instances to talk to it? Ditto for other ActivityPub software.
I'd like to see a world where anyone can easily set up and run their own social media from a Pi running on their home network.
Right now my home theater setup could use something easier than what I kludged together over a weekend.
What would that be?
These people have put a good deal of effort into their landing screen, unfortunately this effort has made it worse than it would have been if it was simple text descriptions. Please improve this.
Self hosting in 2022 is not exactly a walk in the park. Besides the obvious security risks of data loss/theft through exploits, you also have a challenge making anything as redundant as a cloud service.
Most major cloud services offer multi geographical redundancy, meaning if one data center completely vanishes (like the OVH fire), your data is safe in another data center, and hastily restoring redundancy to yet another data center.
You get versioning as well, i.e. OneDrive offers unlimited versions for 30 days, allowing you to roll back your entire account to a date 30 days in the past in case of malware attacks.
Add to that redundant hardware, power, internet, spare parts, physical access control, fire prevention and more.
On the other side of the fence, we have that old gaming PC that has been repurposed as a "home server", running Unraid, or slightly better TrueNAS in Raid-Z1, and not a backup in sight because "raid". Furthermore it probably hasn't been patched in months unless it defaults to auto updating.
I'm well aware that there are people that are serious about self hosting (I used to be one), but the above repurposed gaming PC is what you'll get in A LOT of the cases.
And to top it all off, with electricity prices in Europe as they are right now, the cloud is cheaper than running your own hardware, except of course for multi TB storage. A 4 bay Synology consuming 45W costs about €18/month in electricity alone, and a 60W server costs €23.5/month.
Even with my favourite distro, being a sys-admin gets annoying after a while.
There is nothing "free as in beer" that even comes close to this in polish. This is gorgeous.
Are security updates and DevOps automatic? How fine grained are the security updates i.e. Kernel level or app level? How long does it take end-to-end from CVE patch release to end user applying the update?
I would not want to lose my pictures, contacts or NextCloud files due to some update failure, hardware failure or my own mistake in managing the system.
Btw can't sign up for the newsletter although tried multiple emails and disabled adblocker. Just says "Oops! Something went wrong. Can you please try again?"...
Everybody can "spy" on your transactions by design, isn't it so? Isn't mixing the only way to go if you don't want everybody to see your entire shopping history?
What support, if any, is there for reading S.M.A.R.T. Stats, ZFS, and BTRFS? You mention CPU temps, but what about things that actually matter in regular use cases?
The major problem with Umbrel is that even though they package all-in-one solutions, if something goes wrong you rely on Umbrel for issues (against decentralization). You will rely on their updates for any problems.
Start9 built a Linux OS from the ground up. All services are individually packaged from source.
Umbrel packages all dependencies together (via Docker container), which could cause issues for maintenance.
// start9 vs umbrel https://youtu.be/kmfzATMxCj4
// what is start9 embassy? https://www.youtube.com/watch?v=GfMvXJxYamw
> I recently tried to set up an SSH server on NixOS and gave up after a day. And I love NixOS.
Setting up OpenSSH is one of the more trivial tasks on any Unix-like operating system. So I'm curious as to why you "love" NixOS despite it sounding like you aren't comfortable with (at least what I consider) a very trivial system setting change?
If you add the following to your configuration.nix and rebuild your system, this will set up OpenSSH:
```
services.openssh.enable = true;
```
And if you have enabled the firewall you can make sure that port 22 is allowed with this:
```
networking.firewall.allowedTCPPorts = [ 22 ];
```
And then just rebuild your system.
Being unable to enable SSH on NixOS sounds more like a lack of understanding of how to use NixOS. Again, I'm exceedingly curious as to why you love NixOS but are unable to make such a trivial change to your system? Did you actually install NixOS on your system?
I am a huge fan of people at any stage of expertise loving NixOS and playing with it and I apologize if this question sounds like me being a dick or trying to police your experience -- please continue to love NixOS!
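The two settings from the comment above, combined into a key-only SSH setup for a home server, as an added example that is not part of the thread. It assumes a current NixOS release where sshd options live under `services.openssh.settings`; the user `alice` and the public key are placeholders.

```nix
# configuration.nix fragment (added example, not from the thread).
# Assumes a NixOS release that exposes sshd_config options under
# services.openssh.settings; older releases used different option names.
{ config, pkgs, ... }:
{
  services.openssh = {
    enable = true;

    # openFirewall defaults to true, so enabling the service already
    # opens the SSH port in the NixOS firewall. It is set explicitly
    # here so the exposure is visible in the config.
    openFirewall = true;

    settings = {
      # Key-only logins: no passwords, no keyboard-interactive prompts.
      PasswordAuthentication = false;
      KbdInteractiveAuthentication = false;
      # Log in as an unprivileged user and escalate with sudo.
      PermitRootLogin = "no";
    };
  };

  # Hypothetical account; replace the name and the placeholder key.
  users.users.alice = {
    isNormalUser = true;
    extraGroups = [ "wheel" ];
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAA...PLACEHOLDER alice@laptop"
    ];
  };
}
```

Apply it with `nixos-rebuild switch`, and confirm a key login works from a second session before closing the first.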
I'm looking forward to some backup service - ideally one I can also self host offsite - but don't mind a sensible paid service. I assume the Blockchain itself doesn't need to be backed up but my apps data, yes.
I'd love to have another umbrel server being used as backup in case the primary one "goes down"
and I dabble in cryptocurrency.
I would suggest that you will struggle to grow in the mainstream with that theme.